Root Login for the google compute engine instance

[Vanitha Ramaswami]

Hi,

How do i reset the password for the root account in a rhel6.x VM created in google compute engine. ?

I transferred the public key to the meta-data ssh-keys, but looks like some syntax error or something & is never allowing me to login as root user from the browser ssh command line tool & the external ssh tool

[Faizan (Google Cloud Support)]

Hello Vanitha,

The default ssh authentication for GCE instance is public key authentication and not password based. Moreover, for security reasons, most of the standard Google images do not provide the ability to connect directly as root. The instance creator and any users that were added using the metadata sshKeys value are automatically administrators to the account, with the ability to run sudo without requiring a password. Although it is not recommended, but you can modify /etc/ssh/sshd_config to allow root login. You can refer to this link for the steps.

I hope that helps.

Faizan

[Vanitha Ramaswami]

But the account that I created don't seem to have access to admin account & not able to get access to /opt directory..

How do i add access to the non-root account to get access to the system directories.

Appreciate ur help.

[Vanitha Ramaswami]

Got root access..Thanks..

[Barrett Meeker]

How did you get root access? I'm having the same problem.  Thanks!

[Faizan (Google Cloud Support)]

Hello Barrett,

What steps have you tired? Any error message you are getting?

Faizan

[Michael Martinek]

Have you tried logging in as your user and just doing sudo su?

[Ishwara Bhat]

Hi,

I too have root access problem. I have VM instance. Got SSH and keys setup. I can do WinSCP. But I can not change the permissions (chmod 777 ) in file system. (I am trying to modify Magento application theme change. It requires uploading a folder).
From GCE VM instance "Meta data", I can see user names and keys. Is this the root user and password for the instance?

But when I open shell online and try $su <user name : one of the names from Meta> and corresponding key as password, it does not authenticate. When I tried the password from "customer meta data" in VM instance, even that does not work.

Please let me know how to find this out. My requirement is to change the permissions in magento 2 folder in the VM instance.

Thanks
Ishwar

[Ishwara Bhat]

Just to add, though I have SSH and WinSCP is setup, I am unable to upload files since folders are read only. Unable to change permissions from remote SCP.

[onway]

Hi Ishwar,

GCP's default login username is your gmail account name without @gmail.com,which can be used as root user and can login through third part as Putty Xshell only through SSH KEY,about SSH creation,please check GCP's Help option.

GCP does not need rootuser password to login unless you change default user name into "root",

--
© 2017 Google Inc. 1600 Amphitheatre Parkway, Mountain View, CA 94043
 
Email preferences: You received this email because you signed up for the Google Compute Engine Discussion Google Group (gce-discussion@googlegroups.com) to participate in discussions with other members of the Google Compute Engine community and the Google Compute Engine Team.
---
You received this message because you are subscribed to the Google Groups "gce-discussion" group.
To unsubscribe from this group and stop receiving emails from it, send an email to gce-discussion+unsubscribe@googlegroups.com.
To post to this group, send email to gce-discussion@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/gce-discussion/c2595935-f8f8-43e5-8146-b880eb60d2e2%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Ishwara Bhat]

Thanks. I am able to go past this stage. i.e. I have "WinSCP setup" with user name and certificate setup. I can only browse the file system on VM instance. But I am not able to upload (permission problem). Further, when I tried chmod 777 (from SSH on VM instance), it says permission denied. Then I tried $su , but not sure what password is required to grant me permission..

Email preferences: You received this email because you signed up for the Google Compute Engine Discussion Google Group (gce-dis...@googlegroups.com) to participate in discussions with other members of the Google Compute Engine community and the Google Compute Engine Team.

---
You received this message because you are subscribed to the Google Groups "gce-discussion" group.

To unsubscribe from this group and stop receiving emails from it, send an email to gce-discussio...@googlegroups.com.
To post to this group, send email to gce-dis...@googlegroups.com.

[Nicole Yi]

When you set up your instance, it won't ask you to set up root password. 

What you need to do is ssh in using "gcloud compute ssh" or via the console, then using "sudo passwd" to set a password to your account, and "sudo -". It should work on both RHEL family and Debian family. 

[Henry Scullion]

On Way,

I have been searching for this information for hours!

I could not find anywhere on the GCP documentation an explicit, simple, clear statement of what users are created with a VM and how to add more admin users for SSH access (I want to use Ansible to configure my VM from my local dev environment). I had two questions:

1. What users are created when a GCP VM is created?
   
2. How do I add an admin user to my VM and give them SSH access so that my Ansible scripts can configure my VM (Roots Bedrock Trellis WordPress framework)?

You have answered Question 1, and the answer from Faizan above answers Question 2. - https://groups.google.com/d/msg/gce-discussion/wLbzUGbsEMM/6cMeBFb-AAAJ 

So, to summarise:

1. Answer 1. - When I create a GCP VM, an admin user with the username of my gmail account prefix is created.
   
2. Answer 2. - To add a new user to my VM, I add SSH public key to VM Metadata. If the user specified in the SSH info does not exist, it will be created on my GCP VM.
   

And I assume that to get SSH access to my VM from an interactive iTerm on my Mac OSX laptop, I need to generate an SSH private/public key pair on my Mac OSX laptop, and add the public key to my CGP VM Metadata?

Thanks,

Henry

Email preferences: You received this email because you signed up for the Google Compute Engine Discussion Google Group (gce-dis...@googlegroups.com) to participate in discussions with other members of the Google Compute Engine community and the Google Compute Engine Team.

---
You received this message because you are subscribed to the Google Groups "gce-discussion" group.

To unsubscribe from this group and stop receiving emails from it, send an email to gce-discussio...@googlegroups.com.
To post to this group, send email to gce-dis...@googlegroups.com.

[King David]

For what it is worth, I attempted quite a few things with the IAM roles section, Metadata, etc, etc, but what really made a huge difference whas the following items you have to consider:

1. Any changes on IAM roles, metadata, etc, they don't take effect until you stop and start the vm instance.

2. Every comment I read kept saying that the instance never asked me for a password but it did!....  Then I realized I was ssh-ing into the instance from the outside using the public ip address.... the minute I ssh-ed to the instance using the ssh browse from the google panel, it didn't ask me for the password!!

Thanks